Cryptography is the practice of establishing a secure connection between two parties in the presence of a third party whom you don't want to be able to read your messages.

Cryptographers design algorithms and protocols, which do exactly this (and many other things). They also use a lot of time looking for security holes in existing protocols to make sure they can still be trusted. This is called cryptanalysis.

We have a very important rule on this subreddit, we won't solve your ciphers unless you provide us with an algorithm. If anyone sends you a code or a cipher without telling you how they encrypted, don't bother posting it on this subreddit - your post will get deleted. We redirect you to /r/breakmycode or /r/codes. Thank you for your understanding and for following the rules.

Thanks for the feedback! I agree we need contrete stuff. My current plan is to launch a lesson using the CS tool where we build tools for code breaking and then have challenges to break historical codes. Still thinking about this but it shouldn't be to hard - ideally I'll start soon!

Great! This is definitely part of what I had in mind. If I might make a suggestion, I once saw an article with a particularly powerful demonstration of the inherent weakness of ECB mode encryption.

The author started with a bitmap image ecrypted in ECB mode. He the overwrote the first few bytes with the magic number for bitmap images and opened it in a plain-old image viewer. While all the color information was changed by the encryption, each color value from the original plaintext image was always assigned the same new color value in ciphertext. The point is, you could still see the picture with the naked eye.

This was a very inutitive way of understanding the problem that CBC mode fixes, and I think it would be very cool to implement this with the CS tool in your lessons. But perhaps you already thought of a better example!

Yes I've seen this, great idea.....Especially having people recognize stuff visually is super important. I'm still not sure if I should build traditional exercises (which require no programming but give you access to the tools needed (such as frequency counter or, visualizations of bit streams...etc)), or, programming ones where you build everything you need as well.

From what I've seen, you really can't appreciate modern cryptography without resorting to a little bit of programming. Cryptanalysis really does revolve around playing with the data, and ready-made tools tend to hinder that.

The programming involved isn't very complex, anyway. XOR encryption works well for many examples, and you can always provide a blowfish function or something for when a simple ^= doesn't cut it.

I urge you to have students program, especially since they can get their feet wet with the programming tutorials on khanacademy. These are advanced lessons, after all =)

I like this pattern. I've been wondering if the user should jump back and fourth between code maker and breaker. OR, if they act as the "breaker" throughout, and learn new things about the "maker" along the way.